MALWARE-CNC MultiOS.Trojan.DarkUtilities variant outbound connection

Ben_
New here


Hi everybody,

 

I have a malware-cnc named MALWARE-CNC MultiOS.Trojan.DarkUtilities variant outbound connection with the snort-rule 1-60324 that affected all of the APs of one of my clients. The connections all came from Hong Kong. Since I didn't see any topics about this in this forum, I was wondering if someone was affected by this malware and what actions they had taken to resolve this problem.

 

Thanks everyone.

 

Sincerely,

 

Ben_

2 Replies
alemabrahao
Kind of a big deal

Have you tried to block the source IP or the Country?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

I thought that I blocked this country, but I did not, so I will block it. Thank you.
